ietf-openpgp
Re: [openpgp] Default preferences for the future

2017-03-21 09:07:28
FIPS 180-4 also defines SHA2-512/224 and SHA2-512/256. Should they be added to 
the table?

        Tony Hansen

On 3/20/17, 7:14 PM, "openpgp on behalf of Mark D. Baushke" 
<openpgp-bounces(_at_)ietf(_dot_)org on behalf of mdb(_at_)juniper(_dot_)net> 
wrote:

    As an editorial remark, it would be nice if rfc4880bis were to use
    a consistent representation for the secure hash algorithm families.
    SHA1 is sometimes written as SHA1 and sometimes written as SHA-1.
    
    I will also note that "SHA224" "SHA256" "SHA384" "SHA512" "SHA-224"
    "SHA-256" "SHA-384" and "SHA-512" might want to be more completely
    specified as members of the SHA-2 family [FIPS180] by using the tag
    "SHA2-224" "SHA2-256" "SHA2-384" and "SHA2-512" as the algorithm name in
    section 9.5 as compared with members of the SHA-3 [FIPS202] family of
    algorithms: SHA3-224, SHA3-256, SHA3-384, SHA3-512 (noting that the
    SHA-3 family are NOT YET a part of rfc4880bis).
    
    https://tools.ietf.org/html/draft-ietf-openpgp-rfc4880bis-01
    ----------%<----------%<----------%<----------%<----------%<----------
    …
    and suggested update to section 9.5:
    
    ----------%<----------%<----------%<----------%<----------%<----------
    9.5.  {9.4} Hash Algorithms
    
          +-----------+---------------------------------+--------------+
          |        ID | Algorithm                       | Text Name    |
          +-----------+---------------------------------+--------------+
          |         1 | MD5 [HAC]                       | "MD5"        |
          |         2 | SHA-1 [FIPS180]                 | "SHA1"       |
          |         3 | RIPE-MD/160 [HAC]               | "RIPEMD160"  |
          |         4 | Reserved                        |              |
          |         5 | Reserved                        |              |
          |         6 | Reserved                        |              |
          |         7 | Reserved                        |              |
          |         8 | SHA2-256 [FIPS180]              | "SHA256"     |
          |         9 | SHA2-384 [FIPS180]              | "SHA384"     |
          |        10 | SHA2-512 [FIPS180]              | "SHA512"     |
          |        11 | SHA2-224 [FIPS180]              | "SHA224"     |
          |  100--110 | Private/Experimental algorithm  |              |
          +-----------+---------------------------------+--------------+
    
       Implementations SHOULD implement SHA-1.  Implementations MUST
       implement SHA256. Implementations MAY implement other algorithms.
       MD5 and RIPE-MD/160 are deprecated.
    
    ----------%<----------%<----------%<----------%<----------%<----------

_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp